Skip to Content.
Sympa Menu

en - Re: [sympa-users] bug fix, I beg you!!

Subject: The mailing list for listmasters using Sympa

List archive

Re: [sympa-users] bug fix, I beg you!!

Chronological Thread  
    < Chronological >       < Thread >
  • From: David Verdin <address@concealed>
  • To: address@concealed
  • Subject: Re: [sympa-users] bug fix, I beg you!!
  • Date: Fri, 05 Apr 2013 14:59:41 +0200
Hi Adam,

Here's a quick fix to your problem: don't renew sessions when browsing archives. The following will do it:

line 1472 in wwsympa.fcgi, replace this:

     $session->renew() unless($param->{'use_ssl'});


by that:

     $session->renew() unless($param->{'use_ssl'} or $param->{'action'} eq 'arc');

Of course, this is a short term solution. we need to find something smarter that that to prevent session hijcking and allow browsing archives with several images attached.

Regards,

David

Le 04/04/13 19:57, Adam Bernstein a écrit :
Sympa team, we're desperate to fix this serious bug with broken Sympa sessions, it keeps coming up for our users, and we've been waiting a long time.  It's related to the double-click-causes-logout bug, which I think was fixed, but at least that one involved some questionable user behavior.  This one does not, which makes it a bigger problem for more people.

The problem again: Viewing an archived message with 2 or more image attachments will kick the user viewing it out of their login session.

https://sourcesup.renater.fr/tracker/?func=detail&aid=8056&group_id=23&atid=167

And here's the set of corresponding log lines if it helps:

Apr  4 09:24:00 npogroups wwsympa[37710]: info [robot lists.compasspoint.org] [session 18070406780302] [client 173.164.171.153] [user address@concealed] [list fpn] main::do_arc() do_arc(2013-04, msg00016.html)
Apr  4 09:24:01 npogroups wwsympa[37710]: info [robot lists.compasspoint.org] [session 46849781300411] [client 173.164.171.153] [user address@concealed] [list fpn] main::do_arc() do_arc(2013-04, msg00016/image001.gif)
Apr  4 09:24:01 npogroups wwsympa[80047]: info [robot lists.compasspoint.org] [session 46849781300411] [client 173.164.171.153] [user address@concealed] [list fpn] main::do_arc() do_arc(2013-04, msg00016/image002.gif)
Apr  4 09:24:02 npogroups wwsympa[80047]: info SympaSession::new() SympaSession::new ignoring unknown session cookie '46849781300411'
Apr  4 09:24:02 npogroups wwsympa[37710]: info SympaSession::new() SympaSession::new ignoring unknown session cookie '46849781300411'

Help?  Please?  Thank you!

     adam

--
A bug in Sympa? Quick! To the bug tracker!

 
David Verdin
Infrastructure pour les Services Informatiques
 
Tél : +33 2 23 23 69 71
Fax : +33 2 23 23 71 21
 
www.renater.fr
 		RENATER
263 Avenue du Gal Leclerc
35042 Rennes Cedex


PNG image

Attachment: smime.p7s
Description: Signature cryptographique S/MIME


Archive powered by MHonArc 2.6.19+.

Top of Page